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(54) Checking the Personal Identification Number of a mobile subscriber 



(57) The invention relates to method for checking a 
personal identification number (PIN) of a subscriber in 
a mobile equipment (500) employed in a mobile com- 
munications system (600), the mobile equipment con- 
taining a protected subscriber identity (IMSL ITSI). The 
method comprises the steps of requesting (203) the us- 
er of the mobile equipment the personal identification 
number (PIN) of the subscriber, checking (103) the va- 
lidity of the personal identification number entered by 
the user, repeating (109) these steps provided that the 
user does not enter the valid personal identification 
number, and, when the number of requests (203) and 
checks (103) of the identification number exceeds a pre- 
determined threshold value, blocking (111) the mobile 
equipment. According to the invention, protection of a 
protected subscriber identity is released (1 1 2), thus.find- 
ing out the identity of the subscriber: the subscriber iden- 
tity as well as and an indication that the mobile equip- 
ment has been blocked are transmitted the mobile com- 
munications system. 
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Description 

The Field of the Invention 

The invention relates to a method for checking the s 
identification number of a subscriber in a mobile equip- 
ment employed in a mobile communications system, 
said mobile equipment containing a protected subscrib- 
er identity, the method comprising the steps of: request- 
ing the user of the mobile equipment the identification to 
number of the subscriber checking the validity of the 
identification number entered by the user, repeating 
these steps provided that the user does not enter the 
valid identification number, and, when the number of re- 
quests and checks of the identification number exceeds is 
a predetermined threshold value, blocking the mobile 
equipment. 

A first embodiment of the invention relates to a radio 
telephone or a mobile communication system in which 
the subscriber identities and terminal equipments are 20 
permanently connected to each other as mobile sta- 
tions. Such mobile equipments are usually subscriber- 
specific and they are identified with a protected sub- 
scriber identity (I MSI = International Mobile Subscriber 
Identity or ITSI = Individual Tetra Subscriber Identity). 2s 

A second embodiment of the invention relates to a 
radio telephone system in which subscribers and termi- 
nal equipments are not permanently connected togeth- 
er, and particularly terminal equipments and subscriber 
identity modules, such as SIM cards (SIM = Subscriber 30 
Identity Modules), within these networks. Such systems 
include, for example, cellular networks comprising 
phones in which a subscriber is identified by a subscrib- 
er-specific subscriber identity module provided in the 
phones. One example of such a cellular communication 3S 
system is the GSM system (Global System for Mobile 
Communications). Another example is the TETRA 
(Trans European Trunked Radio) mobile communica- 
tion system. The TETRA mobile communication sys- 
tem, in turn, represents an example of the PMR (Private 40 
or Professional Mobile Radio) mobile communication 
system. It must be noted that mobile equipments ac- 
cording to the first embodiment of the present invention, 
in which terminal equipments and subscribers are per- 
manently connected to each other, may also operate in 
these mobile communications systems. 

Background of the Invention 

The subscriber identity module, such as a SIM card, so 
is subscriber-specific, which means that subscriber 
equipments are not confined to a specific subscriber. 
The subscriber identity module, such as a SIM card or 
a GSM card, is a smart card or a smart card which is 
placed in the mobile equipment and contains informa- ss 
tion required for identifying a subscriber and for encrypt- 
ing radio traffic. A subscriber identity module, such as a 
SIM card, refers herein to a smart card that can be re- 



moved from a mobile equipment and that allows a sub- 
scriber to use the card controlled mobile equipment. 

If a subscriber identity module is employed, the user 
need not have a mobile equipment of his own, but a sub- 
scriber identity module is all he needs. Such a subscrib- 
er identity module can be, for example, a SIM card (Sub- 
scriber Identity Module) which is, in a way, a phone card 
that allows the subscriber to make (and receive) calls 
from any mobile equipment of the system. The purpose 
of a SIM card, on the one hand, is to provide the mobile 
equipment with data identifying the user safely in a pro- 
tected form, and, on the other hand, to provide services 
to the mobile equipment. The services include mainte- 
nance of the identification number (input, alteration, 
etc.), calculating an encryption key by means of user 
identity algorithms, and unblocking a SIM card blocked 
after an excessive number of entered false personal ' 
identification numbers (PIN) for example by means of a 
PUK code (PUK-code = Personal Unblocking Key). 

As an alternative way of implementing a SIM card 
in hand-held phones, a so-called plug-in-SIM has been 
introduced. A plug-in-SIM is a coin-sized part containing 
the electronics of a credit card sized SIM card. It is so 
placed in a phone that the user is not able to replace it 
with ease. The phone may also have an incorporated 
plug-in-SIM and, in addition, a card reader. If the card 
reader contains a card, the phone is identified on the 
basis of the external card, otherwise on the basis of the 
incorporated plug-in-SIM. The term subscriber identity 
module, such as a SIM card, herein generally refers to 
both the plug-in-SIM and the smart card SIM unless ad- 
vised to the contrary. 

The general function of a SIM card is specified in 
the GSM recommendation 02.17, Subscriber Identity 
Modules, ETSI, of the GSM mobile communication sys- 
tem. It defines the terms associated with a SIM card and 
sets the requirements for the security of a SIM card, 
functions of the highest level, defines the tasks for the 
network operator and the information to be stored in a 
SIM card. It also specifies the minimum requirements 
for a SIM card of a user interface of a phone, such as a 
mobile equipment, concerning for example the input and 
change of a user's Personal Identification Number 
(PIN). 

In addition, the GSM recommendation 11.11, SIM 
Application Protocol, ETSI, defines more closely the is- 
sues specified by the aforementioned GSM recommen- 
dation 02.17 by defining the protocols between a SIM 
card and a mobile equipment (ME = Mobile Equipment), 
the exact contents and lengths of the data fields of the 
SIM card, as well as the matters related to mechanical 
and electrical connections. The GSM recommendation 
11.11 is a documentation on the basis of which engi- 
neers are expected to be able to provide the software 
and hardware implementation of a SIM interface. 

A problematic situation arises in the use of mobile 
communications systems when a mobile equipment 
and/or a SIM card is lost and comes into the wrong 
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hands. Thus, since losing the phone is not necessarily 
noticed immediately, the person who has stolen the mo- 
bile equipment may try breaking the PIN code of the SIM 
card by trying different codes. When an unauthorized 
user has made a sufficient number of attempts to break s 
the PIN code, the SIM card may block itself in such a 
way that it cannot be activated any more by means of 
the PIN code only, but a PUK code for cancelling the 
blocking must be entered. This function alone prevents 
unauthorized use of the SIM card, but it does not assist io 
in identifying or neutralizing the unauthorized user in any 
way. 

When a mobile equipment is taken into use, identi- 
fying the mobile user is usually started by requesting the 
user an identification number, such as a PIN (Personal is 
Identification Number) associated with the mobile 
equipment or the SIM card. The personal identification 
number PIN related to the user of the SIM card and the 
mobile equipment must thus be entered into the mobile 
equipment and further into the SIM card if data fields 20 
determined on a PIN encryption level are wished to be 
read or altered. In practice, this is done every time in 
connection with activating the telephone or inserting the 
SIM card into a card reader. 

Once the valid identification number has been en- 25 
tered, the card will also allow reading information locat- 
ed within a confidential area of the card memory. 

If the user enters an invalid personal identification 
number (PIN), the SIM returns the invalid code, and the 
identification number is requested again. The SIM also 30 
increments its internal error counter, which cannot be 
adjusted by the user in any circumstances. If the user 
enters three invalid identification numbers in a row, the 
SIM shifts into a blocked state. 

A blocked card may be re-activated, depending on 35 
the implementation, with a specific PUK identification 
number or possibly only by means of the service meas- 
ures carried out by the manufacturer. A SIM that is in 
the blocked state only receives an unblocking command 
(UNBLOCK) for a blocked SIM card. In such a case, the 40 
user enters the SIM card an unblock PUK code which 
is 8 digits in length. Provided that the user enters an 
invalid unblock PUK identification number e.g. for ten 
times, the SIM shifts into a permanently blocked state, 
from which it can be returned only by the network oper- *s 
ator that has provided the SIM card. 

A mobile equipment that operates according to the 
prior art - in the first embodiment of the invention - and, 
on the other hand, a subscriber identity module i.e. a 
SIM card - in the second embodiment of the invention - so 
may prevent the use of mobile equipment or corre- 
spondingly of the subscriber identity module, that is, the 
SIM card in such a manner that when an unauthorized 
user makes a sufficient number of attempts to break the 
PIN code, that is, when the unauthorized user enters an S5 
invalid PIN code for a sufficient number of times, the mo- 
bile equipment or the card blocks itself so that it can no 
longer be reactivated only by means of the PIN code, 



but some other unblocking code, such as a PUK code 
must be entered. The mobile equipment or the subscrib- 
er identity module is thus deactivated provided that the 
unauthorized user knows neither the PIN code nor the 
PUK code (PUK = Personal Unblocking Key). 

Another aspect of the matter disclosed above is the 
fact that the memory of the smart cards employed as 
subscriber identity modules, or SIM cards, is usually di- 
vided into parts according to the fact who has an access 
right to the data located in the memory: the memory is 
usually divided into three zones on the basis of the en- 
cryption class: an open, a confidential and a secret 
zone. On the confidential zone, such data is stored that, 
in order to be read and altered, requires a PIN identifi- 
cation number to be entered to the card. The memory 
of such a mobile equipment that is not connected to a 
subscriber identity module may also be divided into 
open, secret/confidential zones in the manner described 
above. In the confidential area of both the mobile equip- 
ment and of the SIM card, all user-specific data is stored, 
including protected subscriber identities, such as an IM- 
Sl = International Mobile Subscriber Identity in the GSM 
system and an ITS! = Individual Tetra Subscriber Iden- 
tity in the TETRA system. 

Brief Description of the Invention 

It is an object of the present invention to provide a 
method that allows checking the identification number 
of a mobile subscriber and preventing an unauthorized 
use of a mobile equipment or a subscriber identity mod- 
ule, that is, a SIM card. It is an object of the invention to 
improve the safety of the network operator and the user 
and to protect them against unauthorized use of mobile 
equipments and of subscriber identity modules, and par- 
ticularly against attempts to use them without permis- 
sion. 

The first embodiment of the invention is achieved 
with a method of the invention, which is characterized 
by releasing a protection of a protected subscriber iden- 
tity, and thus finding out the identity of the subscriber; 
transmitting to the mobile communications system the 
subscriber identity in question and indication that the 
mobile equipment has been blocked. 

The second embodiment of the invention relates to 
a method for checking the identification number of a 
subscriber in a mobile equipment employed in a mobile 
communications system, said mobile equipment being 
a combination of a subscriber station and an individual 
subscriber identity module containing a protected sub- 
scriber identity, said identity module being removably at- 
tached to the subscriber station, whereby a mobile 
equipment may be composed by attaching the subscrib- 
er identity module to any subscriber station, the method 
comprising the steps of: requesting the user of the mo- 
bile equipment the identification number of the subscrib- 
er, checking from the subscriber identity module the va- 
lidity of the identification number entered by the user, 
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repeating these steps provided that the user does not 
•enter the valid identification number, and. when the 
number of requests and checks of the identification 
number exceeds a predetermined threshold value, 
blocking the subscriber identity module. 5 

The second embodiment of the invention is charac- 
terized by releasing a protection of a protected subscrib- 
er identity, and thus finding out the subscriber identity; 
transmitting to the mobile communications system the 
subscriber identity in question and indication that the w 
subscriber identity module has been blocked. 

The first embodiment of the invention further relates 
to a mobile equipment comprising: memory means for 
storing the protected subscriber identity, a user interface 
for requesting the subscriber identification number from is 
the user of the mobile equipment, checking means for 
checking the validity of the identification number (PIN) 
of the subscriber in question, a counter for counting the 
number of validity checks of the subscriber identification 
number, blocking means responsive to said counter for 20 
blocking the mobile equipment when the number of 
checks exceeds a predetermined number without the 
user of the mobile equipment having entered a valid 
identification number by means of said user interface. 

The mobile equipment according to the first embod- 2s 
iment of the invention is characterized by comprising re- 
leasing means for releasing the protection of the pro- 
tected subscriber identity and for finding out the sub- 
scriber identity, and transmission means for transmitting 
to the mobile communications system the found sub- 30 
scriber identity and an indication that the mobile equip- 
ment has been blocked. 

The second embodiment of the invention relates to 
a mobile equipment comprising: a user interlace for re- 
questing the subscriber identity from the user of the mo- 35 
bile equipment, an individual subscriber identity module 
provided with a subscriber identity, said module being 
removably attached to said mobile equipment, further 
comprising checking means for checking the validity of 
the identification number of the subscriber in question, 40 
a counter for counting the number of validity checks of 
the subscriber identification number, blocking means re- 
sponsive to said counter for blocking said subscriber 
identity module when the number of said checks ex- 
ceeds a predetermined number without the user of the *s 
mobile equipment having entered a valid identification 
number. 

The mobile equipment according to the second em- 
bodiment of the invention is characterized by further 
comprising releasing means for releasing the protection . so 
of the protected subscriber identity in the subscriber 
identity module and for finding out the subscriber iden- 
tity, and transmission means for transmitting to the mo- 
bile communications system the found subscriber iden- 
tity and an indication that*the subscriber identity module ss 
has been blocked. 

This application discloses a method that allows the 
mobile equipment to indicate to the system an informa- 



tion that an attempt is made at misusing the mobile 
equipment or a subscriber identity module, such as a 
SIM card, attached thereto. Misuse may refer to break- 
ing the secret identification number of the SIM card or 
of the mobile user, for instance. 

The invention is based on the idea that a mobile 
equipment or a subscriber identity module, that is, a SIM 
card releases the protection of a subscriber identity (IM- 
Sl t ITSI) when blocking itself as a result of invalid PIN 
codes The SIM may thus communicate the subscriber 
identity (IMSI. ITSI) to the mobile equipment provided 
that it requests it subsequent to blocking of the SI M card. 
All the other information on the SIM card further remains 
protected. A mobile equipment/SIM card that operates 
in this manner may indicate towards the system the sub- 
scriber identity, the mobile equipment or SIM card cor- 
responding to which was attempted to break by breaking 
the PIN identification number of the subscriber related 
to the mobile equipment or the SIM card in question. 

The invention discloses how to indicate to the mo- 
bile communications system an attempt to break into a 
mobile equipment or a SIM card. 

The advantage of such a method and a mobile 
equipment according to the invention is the fact that they 
solve problems related to safety of prior art mobile com- 
munications systems and mobile equipments. 

Prior art courses of action are insufficient because 
an attempt to break into a mobile equipment or a sub- 
scriber identity module, such as a SIM card attached 
thereto is presumably not indicated to the system. 

In networks designed for public safety, in particular, 
such as PMR and TETRA networks it would be most 
desirable that an attempt to break into a mobile equip- 
ment or a SIM card attached thereto would be indicated 
to the system. The mobile equipment and the method 
of the invention allow this, that is, they allow the mobile 
communications system to receive an information of 
some user attempting to break the mobile equipment or 
the subscriber identity module for his own, unauthorized 
use. 

In accordance with the invention, when the mobile 
network receives the information on the attempt to break 
into the mobile equipment or the SIM card, the mobile 
network may thus try to block the mobile equipment or 
the subscriber identity module that has been attempted 
to break into so that they are no longer allowed to use 
the services of the network. In addition, the network op- 
erator or a supervisor or a duty officer of a smaller user 
group may be provided with the data related to the object 
of the breaking attempt, and they may take the required 
steps for preventing the unauthorized use. 

Brief Description of the Drawings 

In the following, the invention will be disclosed in 
greater detail with reference to the attached drawings, 
in which 
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Figure 1 is a flow diagram illustrating the operation 
of a subscriber identity module according to a sec- 
ond embodiment of the invention, 
Figure 2 is a flow diagram illustrating the operation 
of a mobile equipment according to the second em- 5 
bodiment of the invention, and 
Figure 3 is a block diagram illustrating the mobile 
equipment of the invention. 

Detailed Description of the Invention io 

The invention is based on the idea that a mobile 
equipment may unblock an encrypted subscriber iden- 
tity located in its memory or on a SIM card attached to 
the mobile equipment if the SIM card has blocked itself is 
as a result of entered invalid PIN codes. Figure 1 shows 
the operation of the method from the point of view of the 
SIM card, and Figure 2 from the point of view of the mo- 
bile equipment. After receiving the subscriber identity 
from the SIM, the mobile equipment transmits an infor- 20 
mation of the attempt, along with the subscriber identity, 
to the system. 

The operation of the first embodiment of the inven- 
tion must be understood by means of a description of 
the operation of the second embodiment of the inven- 25 
tion. Thus, requesting and checking the subscriber-spe- 
cific PIN code (password) associated with the subscrib- 
er identity module of the second embodiment corre- 
sponds to checking the subscriber identification number 
according to the first embodiment. 30 

Figure 1 is a flow chart of the operation of the sub- 
scriber identity module according to the second embod- 
iment of the invention. In step 101 the subscriber identity 
module, hereinafter referred to as a SIM card, starts to 
identify its user. This is carried out in step 102 by re- 3S 
questing the user of the card or, according to the first 
embodiment of the invention, the user of the mobile 
equipment an individual PIN code of a subscriber con- 
nected to the mobile equipment or the subscriber iden- 
tity module, respectively. Once the code has been ob- *o 
tained, the validity of the PIN code is checked in step 
103. Provided that the PIN code provided by the user is 
valid 104, the protections of the SIM card, that is, the 
confidential memory zone of the SIM card, are released. 
Correspondingly in the first embodiment of the inven- 45 
tion, it would be possible to release the confidential zone 
of the memory of the mobile equipment. Subsequently, 
the operation of the mobile equipment and of the SIM 
card continues as usual. 

If, in turn, it is detected in step 103 that the PIN code so 
entered to the mobile equipment is invalid 107, it is 
checked 108 how many times an invalid PIN code has 
already been entered into the mobile equipment. Pro- 
vided that the number of invalid PIN codes is smaller 
1 09 than a predetermined threshold value, the operation ss 
of the mobile equipment/SIM card returns to step 102, 
where the PIN code is requested again from the user of 
the mobile equipment. 



If, in turn, it is detected in the check in step 108 that 
the maximum number of PIN codes has already been 
requested 110. the use of the SIM card or, in the second 
embodiment of the invention, of the mobile equipment 
is blocked 111. Thereafter, the user can no longer use 
the SIM card or the mobile equipment without the valid 
PUK code of the SIM card in question being entered into 
the card or the mobile equipment. Following this, the 
protection of the subscriber identity code located on the 
SIM card or in the memory of the mobile equipment is 
released, that is, the protection of the IMSI or ITSI iden- 
tity is released so as to find out the identity. In the second 
embodiment of the invention, this identity is then first 
transmitted to the mobile equipment, which, as in the 
first embodiment of the invention, transmits to the mo- 
bile network said identity and the indication that an at- 
tempt has been made to break the PIN code e.g. in a 
registration message. Of course, the indication can be 
transmitted to the network in all other messages. The 
network is thus informed that an attempt has been made 
to break the PIN code of the mobile equipment or the 
SI M card, whereby the network or the operator may con- 
clude that the subscriber identification number in ques- 
tion is associated with a user who is attempting at mis- 
using the network and the user in question may thus be 
blocked outside the network. 

Following this in step 1 1 3 the PUK code is request- 
ed from the mobile user. Thereafter, it is checked in step 
1 1 4 whether the entered PUK code is valid. In case the 
entered PUK code is valid 115, a PIN code counter is 
reset 1 1 6, whereby the user may again feed a predeter- 
mined number of 'invalid' PIN identification numbers 
without the operation of the SIM card or the mobile 
equipment being blocked. In other words, the procedure 
returns to step 102, in which the PIN code is requested 
from the user. 

If, in turn, the user enters an invalid PUK code 117. 
it is checked 118 from the following counter whether a 
maximum number of invalid PUK codes has been en- 
tered into the mobile equipment or the SIM card. In case 
the maximum number has not yet been exceeded 119, 
the procedure returns to step 113, where the PUK code 
is requested again from the user. If, again, the maximum 
number is exceeded 120, the SIM card or the mobile 
equipment is completely blocked 121. 

Figure 2 shows a flow chart of the operation of the 
second embodiment of the invention. The operation of 
the method starts from step 201, where the mobile 
equipment receives from a subscriber identity module, 
such as a SIM card attached thereto a request to ask 
for the PIN identification number from the user of the 
mobile equipment. This is an example of the operation 
in accordance with the second embodiment of the in- 
vention. In the solution according to the first embodi- 
ment of the invention, no SIM card is attached to the 
mobile equipment, but it carries out requesting the iden- 
tification number of the subscriber and checking the va- 
lidity, and the following operation independently. After 
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receiving a request 201 from the SIM card, the mobile 
equipment concludes 202 that the code requested is a 
PIN code. Thereafter the mobile equipment requests 
203 the code in question from its user via its user inter- 
face. The mobile equipment receives the PIN code by 5 
means of its user interface and transmits it 204 to the 
SIM card according to the second embodiment of the 
invention. This subscriber identity module thus carries 
out checking the PIN code in the manner described 
above in step 1 03 of Figure 1 and returns 205 an answer io 
to the mobile equipment, which analyses 206 the mean- 
ing of the answer. In the solution according to the first 
embodiment of the invention, checking the PIN code 
and measures caused by it may of course be carried out 
in the actual mobile equipment. 75 

The mobile equipment acts as follows on the basis 
of the analysis of the information/answer transmitted by 
the SIM card: 

In case the SIM card has provided 207 information 
that the SIM card is blocked and that the user of the 20 
mobile equipment is requested to enter a PUK code, the 
mobile equipment requests 208, according to the inven- 
tion, the subscriber identity, that is, an IMS! or ITSI iden- 
tity from the SIM card. The SIM card thus releases the 
protection of these identities in its own memory and 25 
transmits 209 a subscriber identity (IMSI, ITSI) to the 
mobile equipment. According to the first embodiment of 
the invention, the aforementioned releasing the protec- 
tion of the subscriber identity would be carried out in the 
mobile equipment, in which the subscriber identity 30 
would be stored, as well. Following this, in step 210, the 
mobile equipment informs the mobile communication 
system according to the invention that an attempt has 
been made to break into the SIM card (the second em- 
bodiment) or the mobile equipment (the first embodi- 35 
ment) and that the SIM card (or mobile equipment) in 
question has been blocked, The mobile equipment may 
thus act as follows: 

The mobile communications system may temporar- 
ily disable the radio unit or the mobile equipment in 40 
which the SIM card has been attempted to use (tempo- 
rary disabling'). The radio unit in question thus cannot 
be used for communication, but the system may monitor 
the location of the radio unit in the network. 

The system may also permanently disable the radio 
unit ('permanent disabling'). 

The access of the subscriber to whom the blocked 
SIM card belongs is prevented from this on. This is done 
by labelling the subscriber in question as a 'forbidden 
subscriber* in the databases of the system, in which so 
case the operation of this subscriber in the network is 
restricted e.g. so that the calls of the subscriber are not 
allowed or some services are closed. 

Since after blocking the SIM card, the subscriber 
identity on the card may also be read by the person who 55 
has made the attempt on misuse, the subscriber must 
usually be labelled as a 'forbidden subscriber* in each 
case. It must be noted, however, that although the sub- 



scriber identity would not be marked as forbidden, it is 
not possible to be authenticated in the system using this 
identity because the authentication key required for au- 
thentication is not available due to blocking the card. 

In accordance with the invention, the attempt at mis- 
using the card is further reported to persons supervising 
the use of the mobile communications system or e.g. to 
a duty officer or a dispatcher of a 'public safety' network. 
The person supervising the use of the system may 
thereafter contact the legitimate owner of the SIM card 
and inquire whether the card has possibly come into the 
wrong hands. 

Subsequently, the implementation of the invention 
continues from step 211 , in which the following code re- 
quested by the mobile equipment and the SIM card is 
the PUK code, which must be entered correctly by the 
user in order that the PIN code can be requested again 
from the user and that the SIM card and the mobile 
equipment can be returned to use provided that the user 
enters the valid PIN code. Thereafter, the procedure re- 
turns 220 to step 203, in which the code is requested 
from the user. 

If, again, it is detected in step 206 that the answer 
obtained from the SIM card or the observation made by 
the mobile equipment (in the first embodiment) indicates 
that the user has entered a valid PI N code 21 2, the mo- 
bile equipment starts its operation as usual. 

If, again, it is detected in step 206 that the answer 
obtained from the SIM card or the observation of the mo- 
bile equipment (in the first embodiment) indicates that 
the user has entered a valid PUK code 214, the opera- 
tion continues so that the user interface of the mobile 
equipment is reported 215 that the following piece of in- 
formation requested from the user is the PIN code, 
which, when entered correctly, allows the user to acti- 
vate the mobile equipment. The procedure thus returns 
221 to step 203, in which the code is requested from the 
user. 

If, again, it is detected in step 206 that the answer 
obtained from the SIM card or the observation made by 
the mobile equipment (in the first embodiment) indicates 
that the user has entered an invalid PUK code 21 6, the 
procedure shifts 21 7 to step 203, in which the PUK code 
is requested again. 

If, again, it is detected in step 206 that the answer 
obtained from the SIM card or the observation of the mo- 
bile equipment (in the first embodiment) indicates that 
the user has entered an invalid PIN code 218, the pro- 
cedure shifts 219 to step 203, in which the PIN code is 
requested again. 

Figure 3 shows a block diagram of a radio unit ac- 
cording to the invention. The figure shows the infrastruc- 
ture (INFRA) of the mobile communications system 600. 
The network infrastructure comprises e.g. base sta- 
tions, switching centres, databases DB and other tele- 
communications equipments. The figure shows a typical 
radio unit 500, that is, a radio telephone, mobile equip- 
ment or a subscriber station used by the subscriber 
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communicating in a mobile communications system. 
The purpose of a transceiver (TX/RX) 501 is to be adapt- 
ed to a radio channel employed at each moment, the 
mobile equipment communicating via said radio chan- 
nel with the network infrastructure. The transceiver 501 5 
is connected to an antenna 502. which is connected to 
the radio path RP. Usually, radio frequencies between 
60 - 1000 MHz (VHF and UHF frequency ranges) are 
employed although other frequencies may be em- 
ployed, as well. On the radio path RP, analog or digital io 
modulation may be employed. 

A user interface 505 comprises electroacoustic 
converter means, typically an earpiece 506 and a mi- 
crophone 507 and possibly keys associated with start- 
ing, ending and dialling a call. Mobile equipments em- is 
ployed in trunking systems may also comprise a push- 
to-talk button which must be pressed down during a 
speech turn. 

The purpose of a control unit 503 is to control the 
operation of the radio unit. The control unit 503 is con- 20 
nected to the user interface 505 r which provides it e.g. 
with impulses associated with starting and ending a call. 
Via the user interface 505, the control unit 503 may also 
give the user sound signals or visual signals associated 
with the operation of the radio telephone and/or the radio 25 
telephone system. 

The control unit 503 is connected to the transceiver 
TX/RX 501. The channel employed by the transceiver 
is determined by the control unit 503, that is, the trans- 
ceiver 501 is tuned onto the channel, i.e. the radio f re- 30 
quency, determined by the control unit 503, and into a 
suitable time-slot. The transceiver 501 is also switched 
on under control of the control unit 503. The control unit 
503 receives and transmits signalling messages via the 
transceiver 501. 35 

The mobile equipment or the radio unit 500 accord- 
ing to the invention may be employed e.g. in a radio sys- 
tem comprising a radio network comprising at least one 
base station and subscriber stations and possibly one 
or more repeater stations and databases DB. Said radio *o 
unit thus comprises a transceiver unit 501 for receiving 
transmissions transmitted by other radio units or base 
stations, and for transmitting transmissions to said other 
radio units or base stations, a control unit 503 for con- 
trolling the operation of the radio unit and a user inter- 45 
face 505. 

A mobile equipment 500 according to the first em- 
bodiment of the invention comprises memory means 
508 for storing a protected subscriber identity IMS! or 
ITSI, a user interface 505 for requesting the subscriber so 
identification number PIN from the user of the mobile 
equipment, checking means 510 for checking the valid- 
ity of said subscriber identification number PIN, counter 
511 for counting the number of validity checks of the 
subscriber identification number PIN : and blocking 55 
means 512 responsive to said counter 511 for blocking 
the mobile equipment when the number of said checks 
exceeds a predetermined number without the user of 



the mobile equipment having entered a valid identifica- 
tion number PIN by means of said user interface 505. 

The mobile equipment 500 of the invention further 
comprises releasing means 513 for releasing the pro- 
tection of the protected subscriber identity in the sub- 
scriber identity module and for finding out the subscriber 
identity, and transmission means 51 4 for transmitting to 
the mobile communications system 600 the found sub- 
scriber identity and an indication that the mobile equip- 
ment has been blocked. 

In the mobile equipment of the invention, releasing 
513 the protection of the protected subscriber identity is 
carried out after blocking the mobile equipment 500 (see 
step 11 , Figure 1). 

In the mobile equipment 500 of the invention, said 
subscriber identity I MSI or ITSI and the indication that 
the mobile equipment 500 has been blocked are trans- 
mitted to the mobile communications system e.g. in a 
registration message. 

A mobile equipment according to the second em- 
bodiment of the invention comprises a user interface 
505 for requesting the subscriber identification number 
PIN from the user of the mobile equipment, a subscriber 
specific subscriber identity module SIM, 509 provided 
with a subscriber identity, which is removably attached 
to said mobile equipment. 

A mobile equipment according to the second em- 
bodiment of the invention further comprises checking 
means 510 for checking the validity of said subscriber 
identification number PIN, counter 511 for counting the 
number of validity checks of the subscriber identification 
number PIN, and blocking means 515 responsive to 
said counter 511 for blocking the subscriber identity 
module when the number of said checks exceeds a pre- 
determined number without the user of the mobile 
equipment 500 having entered a valid identification 
number PIN. 

The mobile equipment of the invention further com- 
prises releasing means 51 6 for releasing the protection 
of the protected subscriber identity IMSI, ITSI in the sub- 
scriber identity module SIM, 509, and for finding out the 
subscriber identity, and transmission means 517 for 
transmitting to the mobile communications system the 
found subscriber identity and an indication that the sub- 
scriber identity module has been blocked. 

In the mobile equipment of the invention, releasing 
1 1 2 the protection of the protected subscriber identity is 
carried out after blocking 111 said subscriber identity 
module SIM, 509. 

In the mobile equipment of the invention, said sub- 
scriber identity IMSI or ITSI and the indication that the 
subscriber identity module SIM, 509 has been blocked 
(step 111, Figure 1) are transmitted to the mobile com- 
munications system e.g. in a registration message. 

The figures and the explanation associated there- 
with are only intended to illustrate the present invention. 
In detail, the method and the mobile equipment of the 
invention may vary within the scope of the attached 
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claims. 

The aforementioned operation in which the mobile 
equipment informs the mobile communications system 
of an attempt to break the protection of a PIN code of a 
subscriber identity module, that is, of a SIM-card, may 
be implemented in two alternative manners: 

(1) the subscriber identity I MSI, ITSI may be stored 
in such a manner that the PIN code protection does 
not apply to it. The subscriber identity may thus be 
read from the card in every case regardless of 
whether a PIN code has been entered or not and 
whether the card has blocked itself or not. Or alter- 
natively: 

(2) the subscriber identity has been stored in such 
a manner that the identity may be read in two cases 
only: 

a) when a valid PIN code has been entered, and 

b) when the card has been blocked as a result 
of entering invalid PIN codes. 

In case b) it is not possible to read other information 
from the card, except for the subscriber identity. 

The implementation according to alternative (2) 
shown above is more functional because in that case 
the subscriber identity can be read without a valid PIN 
code in such a case only where the card is blocked and 
it is thus not possible tor the subscriber identity to come 
into the hands of an unauthorized user by mistake. 



Claims 

1. A method for checking a personal identification 
number (PIN) of a subscriber in a mobile equipment 
(500) employed in a mobile communications sys- 
tem (600), said mobile equipment containing a pro- 
tected subscriber identity (IMSI, ITSI), the method 
comprising the steps of: 

requesting (203) a user of the mobile equip- 
ment the personal identification number (PIN) 
of the subscriber, 

checking (1 03) the validity of the personal iden- 
tification number (PIN) entered by the user, 
repeating (109) these steps provided that the 
user does not enter the valid identification 
number and, 

when the number of requests (203) and checks 
(103) of the personal identification number 
(PIN) exceeds (110) a predetermined threshold 
value, blocking (111) the mobile equipment 
(500), 

characterized by the steps of: 

releasing (112) a protection of the protected 



subscriber identity (IMSI, ITSI). 

in response to said releasing, finding out the 

subscriber identity; 

transmitting (210) to the mobile communica- 
5 tions system (600) the subscriber identity (IM- 

SI, ITSI) in question and an indication that the 
mobile equipment has been blocked. 

2. A method as claimed in claim 1 , 
10 characterized by said releasing (112) the protec- 
tion of the protected subscriber identity (IMSI, ITSI) 
taking place after blocking (111) the mobile equip- 
ment. 

is 3. a method as claimed in claim 1 , 

characterized by transmitting (210) said subscrib- 
er identity (IMSI, ITSI) and said indication that the 
mobile equipment has been blocked (111) to the 
mobile communications system in a registration 

20 message. 

4. A method as claimed in claim 1 , 
characterized by labelling said subscriber identity 
as forbidden in a database of the mobile communi- 

25 cations system (600) in response to said subscriber 
identity and said indication that the mobile equip- 
ment (500) has been blocked (111), both transmit- 
ted (210) to the mobile communications system 
(600). 

30 

5. A method for checking a personal Identification 
number (PIN) of a subscriber in a mobile equipment 
(500) employed in a mobile communications sys- 
tem (600), said mobile equipment being a combina- 

35 tion of a subscriber station (501, 503, 505) and an 
individual subscriber identity module (509, SIM) 
containing a protected subscriber identity (IMSI, IT- 
SI), said identity module being removably attached 
to the subscriber station, whereby a mobile equip- 

40 ment may be composed by attaching the subscriber 
identity module (509, SIM) to any subscriber sta- 
tion, the method comprising the steps of: 

requesting (203) the user of the mobile equip- 
45 ment the personal identification number (PIN) 

of the subscriber, 

checking (103) from the subscriber identity 
module the validity of the personal identification 
number (PIN) entered by the user, 

so repeating (109) these steps provided that the 

user does not enter the valid personal identifi- 
cation number (PIN), and 
blocking (111) the subscriber identity module 
(509, SIM) when the number of requests (203) 

55 and checks (103) of the personal identification 

number (PIN) exceeds (110) a predetermined 
threshold value, 
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characterized by 

releasing (112) a protection of the protected 
subscriber identity (IMSI. ITSI) in the subscrib- 
er identity module (509, SIM), 
in response to said releasing, finding out the 
subscriber identity, 

transmitting (210) to the mobile communica- 
tions system (600) said subscriber identity (IM- 
SI. ITSI) and an indication that the subscriber 
identity module (509, SIM) has been blocked. 

6. A method as claimed in claim 5, 
characterized by said releasing (112) the protec- 
tion of the protected subscriber identity (IMSI, ITSI) 
taking place after blocking (111) the subscriber 
identity module (509, SIM). 

7. A method as claimed in claim 5, 
characterized by transmitting said subscriber iden- 
tity (IMSI, ITSI) and said indication that the sub- 
scriber identity module (509, SIM) has been 
blocked (111 ) to the mobile communications system 
(600) in a registration message. 

8. A method as claimed in claim 1 , 
characterized by labelling said subscriber identity 
as forbidden in a database (DB) of the mobile com- 
munications system (600) in response to said sub- 
scriber identity (IMSI, ITSI) and said indication that 
subscriber identity module (509, SIM) has been 
blocked (111), transmitted (210) to the mobile com- 
munications system (600). 

9. A method as claimed in claim 4 or 8, 
characterized by said subscriber identity being no 
longer valid for employing the services of the mobile 
communications system in response to labelling 
said subscriber identity (IMSI, ITSI) as forbidden in 
the database (DB) of the mobile communications 
system (600). 

10. A method as claimed in claim 4 or 8 S 
characterized by said subscriber identity being no 
longer valid for employing the services of the mobile 
communications system, and the mobile communi- 
cations system yet maintaining information on the 
location of said mobile equipment and/or subscriber 
identity module, in response to labelling said sub- 
scriber identity (IMSI, ITSI) as forbidden in the da- 
tabase (DB) of the mobile communications system 
(600). 

11. A method as claimed in claim 4 or 8, 
characterized by reporting said subscriber identity 
and the attempt at misusing said personal identifi- 
cation number (PIN) of the subscriber to the oper- 
ator of the mobile communications system in re- 



sponse to labelling said subscriber identity (IMSI, 
ITSI) as forbidden in the database (DB) of the mo- 
bile communications system (600). 

12. A method as claimed in claim 4 or 8, 
characterized by reporting said subscriber identity 
subscriber data related to said subscriber and the 
attempt at misusing said subscriber identification 
number to the operator of the mobile communica- 
tions system in response to labelling said subscrib- 
er identity (IMSI, ITSI) as forbidden in the database 
(DB) of the mobile communications system (600). 

1 3. A method as claimed in claim 4 or 8, 
characterized by reporting the attempt at misusing 
the subscriber identity module (509, SIM) and/or the 
personal identification number (PIN) of the sub- 
scriber to the legitimate owner of the subscriber 
identity module (509, SIM) and/or the personal 
identification number (PIN) of the subscriber in re- 
sponse to labelling said subscriber identity (IMSI, 
ITSI) as forbidden in the database (DB) of the mo- 
bile communications system (600). 

14. A mobile equipment (500, Figure 3) comprising: 

memory means (508) for storing a protected 
subscriber identity (IMSI ITSI), 
a user interface (505) for requesting a personal 
identification number (PIN) of a subscriber from 
the user of the mobile equipment (500), 
checking means (510) for checking (103) the 
validity of said personal identification number 
(PIN) of the subscriber, 

a counter (511) for counting (108) the number 
of validity checks of the personal identification 
number (PIN) of the subscriber, and 
blocking means (512) responsive to said coun- 
ter (511) for blocking (111) the mobile equip- 
ment when the number of said checks exceeds 
a predetermined number without the user of the 
mobile equipment having entered a valid per- 
sonal identification number (PIN) by means of 
said user interface (505), 

characterized by further comprising: 

releasing means (513) for releasing (112) the 
protection of the protected subscriber identity 
(IMSI, ITSI) and for finding out the subscriber 
identity, and 

transmission means (514) for transmitting 
(210) to the mobile communications system 
(600) the found subscriber identity and an indi- 
cation that the mobile equipment has been 
blocked. 

15. A mobile equipment (500) as claimed in claim 14, 
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characterized by said releasing (112) the protec- scriber identity module (SIM, 509) has been 

tion of the protected subscriber identity (IMSI, ITS!) blocked (1 11 ) to the mobile communications system 

taking place after blocking (111) the mobile equip- (600) in a registration message, 

ment. 

5 

16. A mobile equipment (500) as claimed in claim 14, 
characterized by transmitting (210) said subscrib- 
er identity (IMSI, ITS!) and said indication that the 
mobile equipment (500) has been blocked (111) to 
the mobile communications system (600) in a reg- io 
istration message. 

17. A mobile equipment (500, Figure 3) comprising: 

a user interface (505) for requesting a personal is 
identification number (PIN) of a subscriber from 
the user of the mobile equipment, 
an individual subscriber identity module (SIM, 
509) provided with a subscriber identity, and re- 
movably attached to said mobile equipment 20 
(500), said mobile equipment further compris- 
ing 

checking means (510) for checking (103) the 
validity of said personal identification number 
(PIN) of the subscriber, 25 
a counter (511) for counting (108) the number 
of validity checks of the personal identification 
number (PIN) of the subscriber, and 
blocking means (515) responsive to said coun- 
ter (511) for blocking ( 1 1 1 ) the subscriber iden- 30 
tity module (509, SIM) when the number of said 
checks exceeds ( 1 1 0) a predetermined number 
without the user of the mobile equipment (500) 
having entered a valid personal identification 
number (PIN), 3S 

characterized by further comprising: 

releasing means (516) for releasing (112) the 
protection of the protected subscriber identity 40 
(IMSI, ITSI) in the subscriber identity module 
(SIM, 509) and for finding out the subscriber 
identity, and 

transmission means (517) for transmitting 
(210) to the mobile communications system 
(600) the found subscriber identity and an indi- 
cation that the subscriber identity module (SIM, 
509) has been blocked (111). 

18. A mobile equipment (500) as claimed in claim 17, so 
characterized by said releasing (112) the protec- 
tion of the protected subscriber identity (IMSI, ITSI) 
taking place after blocking (111) said subscriber 
identity module (SIM, 509). 

55 

19. A mobile equipment (500) as claimed in claim 17, 
characterized by transmitting (210) said subscrib- 
er identity (IMSI, ITSI) and said indication that sub- 
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